SIEM Administrator

Position Summary: 

The position of  SIEM Engineer provides the opportunity to work with leading edge staff and technologies. The position involves taking responsibility for successful detection of cybersecurity incidents leveraging advanced security technologies. Primary responsibilities include.

Responsibilities and Duties:

• Analysis of data feeds from various security tools and logs.
• Identification of capabilities and quality of these feeds and recommend improvements.
• Implementation of new content use cases based on threat intelligence, analyst feedback, available log data, previous incidents.
• Perform day to day activities of the content life cycle, including creating new use cases, testing content, tuning, and deprecating content.
• Strong documentation and communication skills and ability to maintain associated documentation.
• Ability to drive process improvements and identify gaps.
• Assist with development of parsers or field extractions to facilitate reliable content development.
• Knowledge of programming or scripting fundamentals; Python 3 preferred.
• Create, implement, document and maintain novel analytic methods and techniques for incident detection.
• Share knowledge, mentor and train junior engineers and analysts.

Qualification requirements: 

Hard skills:

• Advanced knowledge of SIEM correlation engines, reporting capabilities, and dashboards
• Proven expertise using Google Chronicle (SecOps), Splunk, or Microsoft Sentinel
• Advanced knowledge and interest in attacking tools, tactics, and procedures (TTPs)
• Strong understanding of cyber kill chains and the MITRE ATT&CK framework
• Experience with associated detection tools and technologies (IDS, EDR, etc.)
• Fluent in networking and common protocols: HTTP, DNS, SMB, IP, TCP, UDP
• Working knowledge of web technologies: SSL, Web Services, Proxy configurations
• In-depth knowledge of vulnerabilities and exploitation, including detection and mitigation techniques

Soft skills:

• Self-driven and highly organized
• Strong verbal and written communication skills 
  

Previous (minimum) experience requirements: 

• At least five (5) years of related work experience in network operations
• At least two (2) years of experience in network security (Firewall, Network Access, Security controls)

Benefits entitlement :

• Vacation: 15 days
• Sick/Personal Days: 15 days
• Rice Allowance: PHP 2,000
• HMO Coverage